凉城旧巷
Python从入门到自闭,Java从自闭到放弃,数据库从删库到跑路,Linux从rm -rf到完犊子!!!

gitlab、gerrit安装与集成

一、Gitlab-15.10.3

1、安装包、依赖包

gitlab-ce-15.10.3-ce.0.el7.x86_64.rpm

 

2、安装

rpm -ivh gitlab-ce-15.10.3-ce.0.el7.x86_64.rpm

 

3、配置

vim /etc/gitlab/gitlab.rb

# 1. 修改 extermal_url
- ip为本机的ip,注意确认端口port没有被占用  例如'http://192.168.71.39:8070'

# 2. 修改备份保存目录 gitlab_rails['backup_path']
- 解开注释 #gitlab_rails['backup_path']
- 修改路径

 

4、生效配置并重启gitlab

gitlab-ctl reconfigure
gitlab-ctl restart

 

5、查看root初始密码

 cat /etc/gitlab/initial_root_password

 

6、设置定时备份

# 在 /etc/crontab 中添加任务
30  0  *  *  * root      cd /opt/gitlab/bin/ && gitlab-rake gitlab:backup:create

 

7、Web登录

 

二、Gerrit-3.8.0下载安装

安装、依赖包结构说明

|---- dependency-pkg/
|			|------- git-2.40.0.tar.gz
|			|------- httpd-tools-2.4.6.tar.gz
|			|------- jdk-17_linux-x64_bin.tar.gz
|			|------- nginx-1.20.1.tar.gz
|
|---- pkg/
|      |---- gerrit-3.8.0.war

 

1、JDK-17安装

(1)安装包

jdk-17_linux-x64_bin.tar.gz

(2)安装配置

# 1. 解压
tar -zxvf jdk-17_linux-x64_bin.tar.gz


# 2. 设置环境变量- vim /etc/profile.d/custom.sh
export JDK_HOME=/data/jdk-17.0.4.1
export PATH=$JDK_HOME/bin:$PATH


# 3. 测试java
java -version

 

2、gerrit-3.8.0安装

# 1. gerrit 安装
$ java -jar gerrit-3.8.0.war init -d /data/gerrit/gerrit-site   # -d 指定gerrit的根目录

Using secure store: com.google.gerrit.server.securestore.DefaultSecureStore
[2023-05-30 09:13:51,904] [main] INFO  com.google.gerrit.server.config.GerritServerConfigProvider : No /data/gerrit/gerrit-site/etc/gerrit.config; assuming defaults

*** Gerrit Code Review 3.8.0
*** 

Create '/data/gerrit/gerrit-site' [Y/n]?  

*** Git Repositories
*** 

Location of Git repositories   [git]:       # 可以指定git仓库保存路径,默认是 /data/gerrit/gerrit-site/git

*** JGit Configuration
*** 


*** Index
*** 

Type                           [lucene]: 

*** User Authentication
*** 

Authentication method          [openid/?]: HTTP   # 使用HTTP方式认证用户
Get username from custom HTTP header [y/N]? 
SSO logout URL                 : 
Enable signed push support     [y/N]? 

*** Review Labels
*** 

Install Verified label         [y/N]? 

*** Email Delivery
*** 

SMTP server hostname           [localhost]: 
SMTP server port               [(default)]: 
SMTP encryption                [none/?]: 
SMTP username                  : 

*** Container Process
*** 

Run as                         [root]: 
Java runtime                   [/data/jdk-17.0.4.1]: 
Copy gerrit-3.8.0.war to /data/gerrit/gerrit-site/bin/gerrit.war [Y/n]? 
Copying gerrit-3.8.0.war to /data/gerrit/gerrit-site/bin/gerrit.war

*** SSH Daemon
*** 

Listen on address              [*]: 
Listen on port                 [29418]: 
Generating SSH host key ... rsa... ed25519... ecdsa 256... ecdsa 384... ecdsa 521... done

*** HTTP Daemon
*** 

Behind reverse proxy           [y/N]? 
Use SSL (https://)             [y/N]? 
Listen on address              [*]: 192.168.71.29
Listen on port                 [8080]: 8083    # 设置端口
Canonical URL                  [http://192.168.71.29:8083/]: 

*** Cache
*** 


*** Plugins
*** 

Installing plugins.    # 这里是安jar包中自带的插件,下面一定要选择y,默认是不安装插件的
Install plugin codemirror-editor version v3.8.0 [y/N]? y
Installed codemirror-editor v3.8.0
Install plugin commit-message-length-validator version v3.8.0 [y/N]? y
Installed commit-message-length-validator v3.8.0
Install plugin delete-project version v3.8.0 [y/N]? y
Installed delete-project v3.8.0
Install plugin download-commands version v3.8.0 [y/N]? y
Installed download-commands v3.8.0
Install plugin gitiles version v3.8.0 [y/N]? y
Installed gitiles v3.8.0
Install plugin hooks version v3.8.0 [y/N]? y
Installed hooks v3.8.0
Install plugin plugin-manager version v3.8.0 [y/N]? y
Installed plugin-manager v3.8.0
Install plugin replication version v3.8.0 [y/N]? y
Installed replication v3.8.0
Install plugin reviewnotes version v3.8.0 [y/N]? y
Installed reviewnotes v3.8.0
Install plugin singleusergroup version v3.8.0 [y/N]? y
Installed singleusergroup v3.8.0
Install plugin webhooks version v3.8.0 [y/N]? y
Installed webhooks v3.8.0
Initializing plugins.

============================================================================
Welcome to the Gerrit community

Find more information on the homepage: https://www.gerritcodereview.com
Discuss Gerrit on the mailing list: https://groups.google.com/g/repo-discuss
============================================================================
Initialized /data/gerrit/gerrit-site
Init complete, reindexing accounts,changes,groups,projects with: reindex --site-path /data/gerrit/gerrit-site --threads 1 --index accounts --index changes --index groups --index projectsReindexed 0 documents in accounts index in 0.0s (0.0/s)
Index accounts in version 12 is ready
Reindexing groups:      100% (2/2)
Reindexed 2 documents in groups index in 0.2s (8.9/s)
Index groups in version 9 is ready
Reindexing changes: Slicing projects: 100% (2/2), done    
Reindexed 0 documents in changes index in 0.0s (0.0/s)
Index changes in version 82 is ready
Reindexing projects:    100% (2/2)
Reindexed 2 documents in projects index in 0.0s (117.6/s)
Index projects in version 5 is ready
Executing /data/gerrit/gerrit-site/bin/gerrit.sh start
Starting Gerrit Code Review: OK
Waiting for server on 192.168.71.29:8083 ... OK
Please open the following URL in the browser: http://192.168.71.29:8083/#/admin/projects/

# 2. 启动gerrit
# 如果1.中没有启动gerrit,那么手动启动gerrit
$ cd /data/gerrit/gerrit-site/bin
$ ./gerrit.sh start


#3. 查看状态
[root@localhost bin]# netstat -ltpn |grep -i gerrit
tcp6       0      0 192.168.71.29:8083      :::*                    LISTEN      3762/GerritCodeRevi 
tcp6       0      0 :::29418                :::*                    LISTEN      3762/GerritCodeRevi 
[root@localhost bin]# 
[root@localhost bin]# ps -au |grep -i gerrit
root      3762  2.4  3.8 4820232 306136 pts/0  Sl   09:20   0:13 GerritCodeReview -Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance -Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance -jar /data/gerrit/gerrit-site/bin/gerrit.war daemon -d /data/gerrit/gerrit-site --run-id=1685409602.3690
root      4128  0.0  0.0 112812  1004 pts/0    S+   09:29   0:00 grep --color=auto -i gerrit

 

3、nginx-1.20.1安装

1)安装nginx

tar -zxvf nginx-1.20.1.tar.gz
cd nginx-1.20.1/
rpm -Uvh *.rpm --force --nodeps

 

2)配置nginx

(1)新增 /etc/nginx/conf.d/gerrit.conf

server {
     listen *:9999;       # 监听端口
     server_name 192.168.71.29;   # 修改为主机的ip
     allow   all;
     deny    all;

     auth_basic "Welcom to Gerrit Code Review Site!";
     auth_basic_user_file /data/gerrit/gerrit_users/gerrit.password;   # 确定一个文件,用来保存http认证用户,在下面的创建用户中使用到

     location / {
        proxy_pass  http://192.168.71.29:8083;  # 转发目标端口,修改为主机的ip 和gerrit中设置的port
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
     }

     location = /favicon.ico {
        log_not_found off;
        access_log off;
     }
   }

(2)修改默认的配置文件

# 1. 打开/etc/nginx/nginx.conf, 修改 user 为 root

 

4、创建gerrit用户

# 1. 安装httpd工具
tar -zxvf httpd-tools-2.4.6.tar.gz
rpm -Uvh httpd-tools-2.4.6/*.rpm --force --nodeps

# 2. 创建gerrit用户
# (1)创建第一个用户
[root@localhost gerrit]# htpasswd -c /data/gerrit/gerrit_users/gerrit.password admin
New password: 
Re-type new password: 
Adding password for user admin

# (2)添加用户
[root@localhost gerrit]# htpasswd -m /data/gerrit/gerrit_users/gerrit.password testuser
New password: 
Re-type new password: 
Adding password for user testuser

[root@localhost gerrit]# cat  /data/gerrit/gerrit_users/gerrit.password
admin:$apr1$ImMEpcGR$JU/s0FYbYPsJuvpEKcMNa0
testuser:$apr1$ZiROdkZQ$qzcJjSBZwfaIkx7zj6zxC.

 

5、确认配置

1)确认gerrit配置

  • Gerrit Server监听 8083端口
  • 认证方式为 HTTP
# vim gerrit_install_dir/etc/gerrit.config
[gerrit]
        basePath = git
        canonicalWebUrl = http://192.168.71.29:8083/
        serverId = 1269ab01-7bc7-4c47-abf2-ee2fb65c7937
[container]
        javaOptions = "-Dflogger.backend_factory=com.google.common.flogger.backend.log4j.Log4jBackendFactory#getInstance"
        javaOptions = "-Dflogger.logging_context=com.google.gerrit.server.logging.LoggingContext#getInstance"
        user = root
        javaHome = /data/jdk-17.0.4.1
[index]
        type = lucene
[auth]
        type = HTTP
[receive]
        enableSignedPush = false
[sendemail]
        smtpServer = localhost
[sshd]
        listenAddress = *:29418
[httpd]
        listenUrl = http://192.168.71.29:8083/
[cache]
        directory = cache

 

2)确认nginx配置

  • auth_basic_user_file 认证用户文件
  • server_name
  • proxy_pass
# vim /etc/nginx/conf.d/gerrit.conf
server {
     listen *:9999;
     server_name 192.168.71.29;
     allow   all;
     deny    all;

     auth_basic "Welcom to Gerrit Code Review Site!";
     auth_basic_user_file /data/gerrit/gerrit_users/gerrit.password;

     location / {
        proxy_pass  http://192.168.71.29:8083;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
     }

     location = /favicon.ico {
        log_not_found off;
        access_log off;
     }
   }

 

6、启动nginx

# 1. 启动nginx
systemctl restart nginx.service

# 如果报错可能是监听端口被占用,需要修改为其它端口

 

7、关闭防火墙和selinux

  • 一定要关闭,否则web中会访问失败
# 1. 关闭firewall
systemctl stop firewalld.service 
systemctl disable firewalld.service 

# 2. 关闭selinux
# a. 永久关闭selinux,将SELINUX修改为disabled
vim /etc/sysconfig/selinux
# b. 永久修改方式不会立刻生效,当前环境下也修改
setenforce 0

 

8、浏览器访问

 

三、gerrit集成gitlab

1、(忽略,默认自带)下载gerrit插件——replication

插件源:https://gerrit-ci.gerritforge.com

 

2、(忽略,默认自带)安装插件

  • 将下载的jar文件,上传到<gerrit_intsall_dir>/plugins目录下

  • 重启gerrit服务器,会自动加载插件:sh <gerrit_intsall_dir>/bin/gerrit.sh restart

  • 查看插件是否加载

 

3、配置gerrit访问gitlab

  • gerrit主机ip:192.168.70.39

  • gerrit主机的公钥添加到gitlab中的ssh key

# 1. 如果没有生成ssh key,通过以下命令生成
[root@gerrit ~]# ssh-keygen -t rsa -b 2048 -C "<key_commit>"

# 2. 将 ~/.ssh/中的公钥(.pub)复制粘贴到gitlab的ssh key中
[root@gerrit ~]# cat .ssh/id_rsa.pub 

 

4、配置gitlab访问gerrit

1)配置免密登录

  • gitlab主机:192.168.71.39

  • 将gitlab主机的公钥添加到gerrit主机中

# 1. 将gitlab机器的公钥添加到gerrit机器的authorized_keys文件中,实现免密登录
# 通过 ssh-copy-id 实现
[root@gitlab ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.70.39
或
# 手动将gitlab机器的公钥复制粘贴过去



# 2. 将gerrit机器的公钥添加到gitlab机器的authorized_keys文件中
[root@gerrit ~]# ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.71.39

 

2)配置用户同步Gitlab的配置文件

  • 需要在该配置文件中指定gitlab服务器相关信息,否则将会同步失败
# 在gerrit机器上配置
[root@gerrit ~]$ cd /data/gerrit/gerrit-site/etc
[root@gerrit etc]$ pwd
/data/gerrit/gerrit-site/etc

[root@gerrit etc]$ mkdir .ssh
[root@gerrit etc]$ vim .ssh/config 
[root@gerrit etc]$ cat .ssh/config 
Host 192.168.71.39      # 这个IP是gitlab服务器的ip
  IdentityFile ~/.ssh/id_rsa
  PreferredAuthentications publickey

 

5、更新gerrit配置文件

# 1. 在gerrit.conf中添加以下内容:
# vim /data/gerrit/gerrit-site/etc/gerrit.config
[plugins]
        allowRemoteAdmin = true


# 2. 重启gerrit
sh /data/gerrit/gerrit-site/bin/gerrit.sh restart

 

6、测试

1)创建一个gitlab的项目

 

2)gerrit创建一个空项目

 

3)拉取新版本

[root@localhost ~]# cd /data/gerrit/gerrit-site/git/
[root@localhost git]# ls
All-Projects.git  All-Users.git  testrepo.git

[root@localhost git]# rm -rf testrepo.git
[root@localhost git]# git clone --bare git@192.168.71.39:gitlab-instance-8ffe87d4/testrepo.git   # 从gitlab上拉取

[root@localhost git]# cat testrepo.git/config 
[core]
        repositoryformatversion = 0
        filemode = true
        bare = true
[remote "origin"]
        url = git@192.168.71.39:gitlab-instance-8ffe87d4/testrepo.git

 

7、配置Grerrit与GitLab的同步

1)插件安装——安装gerrit时已安装该插件

如果想要将Gerrit上的改动自动同步到GitLab上,就需要用到Gerrit的Replication插件。
Replication 插件可以同时对接已有的 Git 仓库系统,通常用于提供 changes 的镜像或者热备份,自动地将 Gerrit Code Review创建的任何改动 push 到另外一个系统里。

# 查看插件状态,安装并且有已启用
[root@localhost ~]# ssh -p 29418 admin@192.168.70.39 gerrit plugin ls |grep replication
replication                    v3.8.0     3.8.0            ENABLED  replication.jar

 

2)配置replication配置文件

<gerrit_install_dir>/etc目录下手动创建replication.config文件用于代码同步。
特别注意:以后每创建一个新的项目,都要在该配置文件中添加对应的配置。

[root@localhost etc]# pwd
/data/gerrit/gerrit-site/etc

[root@localhost etc]# vim replication.config

[root@localhost etc]# cat replication.config      #该文件需要手动创建
[remote "testrepo"]       # remote后面是项目名称
projects = testrepo   # projects也是项目名称
url = git@192.168.71.39:gitlab-instance-8ffe87d4/testrepo.git   # gitlab上clone使用的url,使用ssh
push = +refs/heads/*:refs/heads/*
push = +refs/tags/*:refs/tags/*
push = +refs/changes/*:refs/changes/*
threads = 3

 

3)重载插件

ssh -p 29418 admin@192.168.70.39 gerrit plugin reload replication

 

8、测试自动更新gitlab

  • 使用一台客户端机器测试
  • 客户端的ssh公钥
  • 客户端git版本不能太低,需要2.x

1)添加客户端ssh-key公钥

[fhu@localhost 09:01 ~]$ cat ~/.ssh/id_rsa.pub
ssh-rsa AAAAB3NzaC1xxxxyyyyttttzzzzcvcrdfddd abcd

# 将该公钥添加到gerrit的ssh-key中

 

2)拉取gerrit项目

[fhu@localhost 09:09 ~/Downloads]$ git clone "ssh://admin@192.168.70.39:29418/testrepo" && (cd "testrepo" && mkdir -p `git rev-parse --git-dir`/hooks/ && curl -Lo `git rev-parse --git-dir`/hooks/commit-msg http://192.168.70.39:8083/tools/hooks/commit-msg && chmod +x `git rev-parse --git-dir`/hooks/commit-msg)

 

3)修改、提交

(1)无需审核直接同步到gitlab
21 [fhu@localhost 09:19 ~/Downloads/testrepo]$ ls
README.md

22 [fhu@localhost 09:19 ~/Downloads/testrepo]$ echo "11111" > aaa.txt
23 [fhu@localhost 09:19 ~/Downloads/testrepo]$ ls
aaa.txt  README.md

24 [fhu@localhost 09:19 ~/Downloads/testrepo]$ git add .

25 [fhu@localhost 09:20 ~/Downloads/testrepo]$ git commit -m 'update | add aaa.txt'
[main 9e7e52c] update | add aaa.txt
 1 file changed, 1 insertion(+)
 create mode 100644 aaa.txt
 
26 [fhu@localhost 09:26 ~/Downloads/testrepo]$ git push origin main    # 该方式会直接合并,生产环境不建议使用
Enumerating objects: 4, done.
Counting objects: 100% (4/4), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 305 bytes | 305.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
remote: Processing changes: refs: 1, done    
To ssh://192.168.70.39:29418/testrepo
   9ddb4c6..9e7e52c  main -> main

 

(2)提交审核后同步同步
  • 提交的命令变为git push -u origin HEAD:refs/for/<branch_name>格式
  • refs/for/*会将变更提交放到暂存区中,等待代码审核和集成验证
17 [fhu@localhost 09:34 ~/Downloads/testrepo]$ vim aaa.txt 

18 [fhu@localhost 09:35 ~/Downloads/testrepo]$ git status
On branch main
Your branch is up to date with 'origin/main'.

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
        modified:   aaa.txt

no changes added to commit (use "git add" and/or "git commit -a")

19 [fhu@localhost 09:35 ~/Downloads/testrepo]$ git add aaa.txt

20 [fhu@localhost 09:35 ~/Downloads/testrepo]$ git commit -m 'update | add 222 to aaa.txt'
[main 46f2140] update | add 222 to aaa.txt
 1 file changed, 4 insertions(+)
 
21 [fhu@localhost 09:35 ~/Downloads/testrepo]$ git push -u origin HEAD:refs/for/main
Enumerating objects: 5, done.
Counting objects: 100% (5/5), done.
Compressing objects: 100% (2/2), done.
Writing objects: 100% (3/3), 318 bytes | 318.00 KiB/s, done.
Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
remote: Processing changes: refs: 1, new: 1, done    
remote: 
remote: SUCCESS
remote: 
remote:   http://192.168.70.39:8083/c/testrepo/+/1 update | add 222 to aaa.txt [NEW]
remote: 
To ssh://192.168.70.39:29418/testrepo
 * [new reference]   HEAD -> refs/for/main

 

4)查看变动

在登录界面的CHANGES栏目下可以看到提交的状态(Open、Merged和Abandoned)
这里可以看到改动正处于Open状态下。

  • 点击Subject可以查看具体信息

 

5)人工审核

  • 默认只有Project Owners和Administrator群组用户拥有“Code-Review”选项+2的权限(提交通过)
  • 普通用户的“Code-Review”选项只能选择+1(审核建议)

 

  • review代码

 

  • 审核通过后,commit状态变更

 

  • 审核通过后,commit从Open转换到Merged

 

6)查看gitlab中变化

  • 审核通过,merge以后,同步到了gitlab中

 

9、问题记录

1)客户端执行git commit命令时报错

  • 原因是git版本太低,升级到2.x版本
17 [root@localhost 11:00 ~/Downloads/testrepo]# git commit -m 'update '
git: 'interpret-trailers' is not a git command. See 'git --help'.
git: 'interpret-trailers' is not a git command. See 'git --help'.
cannot insert Signed-off-by sentinel line in .git/COMMIT_EDITMSG
# 安装git-2.40.0


# 1. 安装依赖
yum install -y curl-devel expat-devel openssl-devel gcc gcc-c++


# 2. 安装git
tar -zxvf git-2.40.0.tar.gz
cd git-2.40.0/
make prefix=/usr/local/git all
make prefix=/usr/local/git install

# 3. 配置环境变量
# vim /etc/profile.d/custom.sh, 添加以下内容:
export PATH=/usr/local/git/bin:$PATH

# 4. 当前terminal加载环境变量
source /etc/profile.d/custom.sh

 

posted on 2023-06-05 10:42  凉城旧巷  阅读(1346)  评论(2编辑  收藏  举报